fix: duration

feat: update READMe add goreportcard
feat: fix misspell
2023-02-20 21:35:19 +01:00 · 2023-02-15 20:05:21 +01:00 · 2023-02-15 19:49:25 +01:00 · 2023-02-15 19:49:14 +01:00 · 2023-02-15 19:48:05 +01:00 · 2023-02-15 19:47:58 +01:00
6 changed files with 103 additions and 7 deletions
--- a/.env.example
+++ b/.env.example
@ -0,0 +1,3 @@
+VIPER_CONFIG=your-viper-file-name-without-extension
+VIPER_CONFIG_TYPE=yaml
+ENV=dev
--- a/6
+++ b/6
@ -0,0 +1,6 @@
+lint:
+	golangci-lint run ./...
+goreportcard:
+	goreportcard-cli -v
+test: 
+	go test ./...
--- a/README.md
+++ b/README.md
@ -0,0 +1,79 @@
+# go-gen-cert
+
+## Preamble
+I've decided to create this project based on [this example](https://github.com/yasushi-saito/grpc-ssl-example/blob/master/go/main.go) but with some improvements, which I would like to give thanks.
+
+I had some trouble during TLS communication between both of my gRPC server and client. I've decided to create a tool to generate SSL certificates following a little of this [guide](https://jamielinux.com/docs/openssl-certificate-authority/create-the-intermediate-pair.html).
+
+## TODO:
+- [ ] Create intermediate authority to sign certificates on behalf CA to add more security. If intermediate is hacked then you can revoke from CA and generate new intermediates keeping CA isolated from beeing hacked.
+
+- [ ] Complete tests
+
+## Configuration
+If you are on `dev` environment, like I've been doing, you must create `.env` file similar as `.env.example` in this repo:
+
+```bash
+VIPER_CONFIG=your-viper-file-name-without-extension
+VIPER_CONFIG_TYPE=yaml
+ENV=dev
+```
+
+Then add viper configuration file, yaml for example, in your root directory:
+```yaml
+export_dir: "/home"
+ca:
+    serial_number: 12152 # serial number
+    subject:
+        organization: "yourdomain.com"
+        common_name: "*.yourdomain.com"
+    key_usage: 1
+    ext_key_usage: 
+        - 1
+        - 2
+        duration: 518400 #1 year
+client:
+    serial_number: 12151232 # serial number
+    subject:
+        organization: "yourdomain.com"
+        country: "RM"
+        province: "REML"
+        locality: ""
+        street_address: ""
+        postal_code: ""
+    subject_key_id:
+        - 1
+        - 2
+        - 3
+        - 4
+        - 6
+    key_usage: 1
+    ext_key_usage: 
+        - 1
+        - 2
+    duration: 518400
+```
+## Execution
+Then you can just run 
+```bash
+go run main.go
+```
+
+## goreportcard
+```bash
+make goreportcard
+```
+output:
+```bash
+goreportcard-cli -v
+Grade ........... A+ 94.1%
+Files .................. 9
+Issues ................. 1
+gofmt ............... 100%
+go_vet .............. 100%
+gocyclo ............. 100%
+ineffassign ......... 100%
+license ............... 0%
+
+misspell ............ 100%
+```
--- a/cmd/main.go
+++ b/cmd/main.go
@ -108,7 +108,7 @@ func exportPem(filename string, data []byte) {
 	if err != nil {
 		log.Fatalf("rootCA.WithClientCert: %s", err)
 	}
-	log.Printf("file created successfuly: %s\n", outputPath)
+	log.Printf("file created successfully: %s\n", outputPath)
 }

 func init() {
--- a/internal/cert/cert.go
+++ b/internal/cert/cert.go
@ -47,11 +47,11 @@ func encodePrivateKey(priv *ecdsa.PrivateKey) ([]byte, error) {
 	if err != nil {
 		return nil, fmt.Errorf("marshal: %s", err)
 	}
-	pem.Encode(out, &pem.Block{
+	err = pem.Encode(out, &pem.Block{
 		Type:  "PRIVATE KEY",
 		Bytes: privBytes,
 	})
-	return out.Bytes(), nil
+	return out.Bytes(), err
 }

 // Create a self-signed certificate.
@ -80,7 +80,11 @@ func newRootCA(config *ca.CaConfig) ([]byte, []byte, error) {
 	}

 	out := &bytes.Buffer{}
-	pem.Encode(out, &pem.Block{Type: "CERTIFICATE", Bytes: der})
+	err = pem.Encode(out, &pem.Block{Type: "CERTIFICATE", Bytes: der})
+	if err != nil {
+		return nil, nil, fmt.Errorf("pem.Encode: %s", err)
+	}
+
 	caPEM := out.Bytes()
 	keyPEM, err := encodePrivateKey(priv)
 	if err != nil {
@ -125,7 +129,11 @@ func newClientCert(config *client.ClientCertConfig, rootCA *x509.Certificate, ro
 	}

 	out := &bytes.Buffer{}
-	pem.Encode(out, &pem.Block{Type: "CERTIFICATE", Bytes: der})
+	err = pem.Encode(out, &pem.Block{Type: "CERTIFICATE", Bytes: der})
+	if err != nil {
+		return nil, nil, fmt.Errorf("pem.Encode: %s", err)
+	}
+
 	certPEM := out.Bytes()
 	keyPEM, err := encodePrivateKey(priv)
 	if err != nil {
--- a/viper.example.yaml
+++ b/viper.example.yaml
@ -8,7 +8,7 @@ ca:
    ext_key_usage: 
        - 1
        - 2
-        duration: 518400 #1 year
+        duration: "8760h0m0s" #1 year
 client:
    serial_number: 12151232 # serial number
    subject:
@ -28,4 +28,4 @@ client:
    ext_key_usage: 
        - 1
        - 2
-    duration: 518400
+    duration: "8760h0m0s"
Author	SHA1	Message	Date
Urko	9893e625b5	fix: duration	2023-02-20 21:35:19 +01:00
Urko	d37336d578	feat: update READMe add goreportcard	2023-02-15 20:05:21 +01:00
Urko	03272b363d	feat: fix misspell	2023-02-15 19:49:25 +01:00
Urko	6088b91dbd	feat: update makefile	2023-02-15 19:49:14 +01:00
Urko	9a470510a4	feat: add Makefile	2023-02-15 19:48:05 +01:00
Urko	34e22c5338	feat: update readme	2023-02-15 19:47:58 +01:00
Urko	868ebbf79d	fix lint	2023-02-15 19:47:52 +01:00
Urko	e73874986e	feat: update README	2023-02-15 19:45:27 +01:00
Urko	762ba66de8	feat: add README	2023-02-15 19:41:00 +01:00
Urko	b7ae9b2fd9	feat: add .env.example	2023-02-15 19:34:48 +01:00